Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sap_ha_pacemaker_cluster: enhanced pre-checks and improved variable handling #471

Merged
merged 8 commits into from
Sep 22, 2023
568 changes: 422 additions & 146 deletions roles/sap_ha_pacemaker_cluster/README.md

Large diffs are not rendered by default.

246 changes: 147 additions & 99 deletions roles/sap_ha_pacemaker_cluster/defaults/main.yml

Large diffs are not rendered by default.

818 changes: 518 additions & 300 deletions roles/sap_ha_pacemaker_cluster/meta/argument_specs.yml

Large diffs are not rendered by default.

This file was deleted.

Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
---
# After all of the previous construction flows, the final parameters must
# be translated to 'ha_cluster' Linux System Role syntax.
#
# This way the include_role parameters are set as play vars and do not
# require a static list of vars when the role is included.

# List of parameters that are constructed by this role, but not all of them
# are mandatory to be defined. For any undefined parameter the default of the
# 'ha_cluster' role will apply, if the role has a default defined.
#
# Make sure to always define those parameters which have no 'ha_cluster' LSR default!
#
# SAP HA Pacemaker Cluster role -> 'ha_cluster' Linux System Role
# ------------------------------------------------------------------------------
# __sap_ha_pacemaker_cluster_ha_cluster ha_cluster
# __sap_ha_pacemaker_cluster_cluster_name ha_cluster_cluster_name
# __sap_ha_pacemaker_cluster_cluster_properties ha_cluster_cluster_properties
# __sap_ha_pacemaker_cluster_constraints_colocation ha_cluster_constraints_colocation
# __sap_ha_pacemaker_cluster_constraints_location ha_cluster_constraints_location
# __sap_ha_pacemaker_cluster_constraints_order ha_cluster_constraints_order
# __sap_ha_pacemaker_cluster_extra_packages ha_cluster_extra_packages
# __sap_ha_pacemaker_cluster_fence_agent_packages ha_cluster_fence_agent_packages
# __sap_ha_pacemaker_cluster_hacluster_password ha_cluster_hacluster_password
# __sap_ha_pacemaker_cluster_repos __ha_cluster_repos
# __sap_ha_pacemaker_cluster_resource_clones ha_cluster_resource_clones
# __sap_ha_pacemaker_cluster_resource_groups ha_cluster_resource_groups
# __sap_ha_pacemaker_cluster_resource_primitives ha_cluster_resource_primitives

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster'"
when: __sap_ha_pacemaker_cluster_ha_cluster is defined
ansible.builtin.set_fact:
ha_cluster: "{{ __sap_ha_pacemaker_cluster_ha_cluster }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_cluster_name'"
when: __sap_ha_pacemaker_cluster_cluster_name is defined
ansible.builtin.set_fact:
ha_cluster_cluster_name: "{{ __sap_ha_pacemaker_cluster_cluster_name }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_cluster_properties'"
when: __sap_ha_pacemaker_cluster_cluster_properties is defined
ansible.builtin.set_fact:
ha_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_colocation'"
when: __sap_ha_pacemaker_cluster_constraints_colocation is defined
ansible.builtin.set_fact:
ha_cluster_constraints_colocation: "{{ __sap_ha_pacemaker_cluster_constraints_colocation }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_location'"
when: __sap_ha_pacemaker_cluster_constraints_location is defined
ansible.builtin.set_fact:
ha_cluster_constraints_location: "{{ __sap_ha_pacemaker_cluster_constraints_location }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_constraints_order'"
when: __sap_ha_pacemaker_cluster_constraints_order is defined
ansible.builtin.set_fact:
ha_cluster_constraints_order: "{{ __sap_ha_pacemaker_cluster_constraints_order }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_extra_packages'"
when: __sap_ha_pacemaker_cluster_extra_packages is defined
ansible.builtin.set_fact:
ha_cluster_extra_packages: "{{ __sap_ha_pacemaker_cluster_extra_packages }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_fence_agent_packages'"
when: __sap_ha_pacemaker_cluster_fence_agent_packages is defined
ansible.builtin.set_fact:
ha_cluster_fence_agent_packages: "{{ __sap_ha_pacemaker_cluster_fence_agent_packages }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_hacluster_password'"
when: __sap_ha_pacemaker_cluster_hacluster_password is defined
ansible.builtin.set_fact:
ha_cluster_hacluster_password: "{{ __sap_ha_pacemaker_cluster_hacluster_password }}"
no_log: true # secure the credential

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_repos'"
when: __sap_ha_pacemaker_cluster_repos is defined
ansible.builtin.set_fact:
__ha_cluster_repos: "{{ __sap_ha_pacemaker_cluster_repos }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_clones'"
when: __sap_ha_pacemaker_cluster_resource_clones is defined
ansible.builtin.set_fact:
ha_cluster_resource_clones: "{{ __sap_ha_pacemaker_cluster_resource_clones }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_groups'"
when: __sap_ha_pacemaker_cluster_resource_groups is defined
ansible.builtin.set_fact:
ha_cluster_resource_groups: "{{ __sap_ha_pacemaker_cluster_resource_groups }}"

- name: "SAP HA Prepare Pacemaker - (ha_cluster) Define parameter 'ha_cluster_resource_primitives'"
when: __sap_ha_pacemaker_cluster_resource_primitives is defined
ansible.builtin.set_fact:
ha_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives }}"
no_log: true # be paranoid, there could be credentials in it
50 changes: 35 additions & 15 deletions roles/sap_ha_pacemaker_cluster/tasks/construct_vars_common.yml
Original file line number Diff line number Diff line change
@@ -1,29 +1,49 @@
---
# Create or combine input parameters for the ha_cluster role.
# Combine input parameters with inherited vars from the 'ha_cluster' role.
# The inherited values take precedence. Some parameters are not required to be set.
# The 'ha_cluster' LSR will apply its role defaults.
# For mandatory parameters, sanity checks will be done separately.

# sap_ha_pacemaker_cluster_cluster_name -> user-defined or default inherited from {{ ha_cluster_cluster_name }}
- name: "SAP HA Prepare Pacemaker - Set cluster name"
when:
- __sap_ha_pacemaker_cluster_cluster_name is not defined
- sap_ha_pacemaker_cluster_cluster_name is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_cluster_name: "{{ ha_cluster_cluster_name | default(sap_ha_pacemaker_cluster_cluster_name) }}"
__sap_ha_pacemaker_cluster_cluster_name: "{{ sap_ha_pacemaker_cluster_cluster_name }}"

# sap_ha_pacemaker_cluster_hacluster_password -> user-defined or default inherited from {{ ha_cluster_hacluster_password }}
- name: "SAP HA Prepare Pacemaker - Register the 'hacluster' user password"
when:
- __sap_ha_pacemaker_cluster_hacluster_password is not defined
- sap_ha_pacemaker_cluster_hacluster_password
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_hacluster_password: "{{ ha_cluster_hacluster_password | default(sap_ha_pacemaker_cluster_hacluster_password) }}"
no_log: true
__sap_ha_pacemaker_cluster_hacluster_password: "{{ sap_ha_pacemaker_cluster_hacluster_password }}"
no_log: true # secure the credential


# sap_ha_pacemaker_cluster_extra_packages -> user-defined, empty by global default
# __sap_ha_pacemaker_cluster_sap_extra_packages -> included from vars/*
# __sap_ha_pacemaker_cluster_platform_extra_packages -> included from vars/platform*
# Empty defaults defined here for optional non-user-facing parameters.

- name: "SAP HA Prepare Pacemaker - Combine extra packages lists"
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_extra_packages: "{{
__sap_ha_pacemaker_cluster_extra_packages: "{{ (
sap_ha_pacemaker_cluster_extra_packages
+
sap_ha_pacemaker_cluster_sap_extra_packages | default([])
+
sap_ha_pacemaker_cluster_platform_extra_packages | default([])
}}"
+ __sap_ha_pacemaker_cluster_sap_extra_packages
+ __sap_ha_pacemaker_cluster_platform_extra_packages
) | unique }}"


# sap_ha_pacemaker_cluster_fence_agent_minimal_packages -> global default
# sap_ha_pacemaker_cluster_fence_agent_packages -> global default
# __sap_ha_pacemaker_cluster_fence_agent_packages -> internal default (vars/main.yml)

- name: "SAP HA Prepare Pacemaker - Combine fence agent packages lists"
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_fence_agent_packages: "{{
sap_ha_pacemaker_cluster_fence_agent_packages
+
__sap_ha_pacemaker_cluster_fence_agent_packages
}}"
__sap_ha_pacemaker_cluster_fence_agent_packages: "{{ (
sap_ha_pacemaker_cluster_fence_agent_minimal_packages
+ sap_ha_pacemaker_cluster_fence_agent_packages
+ __sap_ha_pacemaker_cluster_fence_agent_packages
) | unique }}"
16 changes: 9 additions & 7 deletions roles/sap_ha_pacemaker_cluster/tasks/construct_vars_stonith.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
# This block is entered when
# - no default stonith resource is defined and no custom is defined either
# - an empty custom is defined to override any default (defined or not)
- name: "SAP HA Prepare Pacemaker - Block when no STONITH resource is defined"
- name: "SAP HA Prepare Pacemaker - (STONITH) Block when no STONITH resource is defined"
when:
- (
sap_ha_pacemaker_cluster_stonith_custom is defined
Expand All @@ -34,7 +34,7 @@
)
block:

- name: "SAP HA Prepare Pacemaker - Set STONITH to disabled when no fencing resource is defined"
- name: "SAP HA Prepare Pacemaker - (STONITH) Set to disabled when no fencing resource is defined"
ansible.builtin.set_fact:
sap_ha_pacemaker_cluster_cluster_properties:
"{{ sap_ha_pacemaker_cluster_cluster_properties | combine({ 'stonith-enabled': false }) }}"
Expand All @@ -53,13 +53,15 @@
# END of block for disabling stonith


- name: "SAP HA Prepare Pacemaker - Define cluster stonith properties"
- name: "SAP HA Prepare Pacemaker - (STONITH) Define cluster properties"
when:
- sap_ha_pacemaker_cluster_cluster_properties is defined
- sap_ha_pacemaker_cluster_cluster_properties is iterable
- sap_ha_pacemaker_cluster_cluster_properties | length > 0
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_cluster_properties:
__sap_ha_pacemaker_cluster_cluster_properties: "{{ __sap_ha_pacemaker_cluster_cluster_properties | default([]) + __stonith_properties }}"
vars:
__stonith_properties:
- attrs: |-
{% set attrs = __sap_ha_pacemaker_cluster_cluster_properties | map(attribute='attrs') | flatten -%}
{%- for default_cluster_properties in (sap_ha_pacemaker_cluster_cluster_properties | dict2items) -%}
Expand All @@ -83,7 +85,7 @@
# - generic pacemaker fence resource options
# (see defaults: sap_ha_pacemaker_cluster_fence_options)

- name: "SAP HA Prepare Pacemaker - Assemble the stonith resource definition from platform default"
- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resource definition from platform default"
when:
- sap_ha_pacemaker_cluster_stonith_default is defined
- sap_ha_pacemaker_cluster_stonith_custom is not defined
Expand Down Expand Up @@ -117,7 +119,7 @@
{%- endfor %}
{{ attrs }}

- name: "SAP HA Prepare Pacemaker - Assemble the stonith resources from custom definition"
- name: "SAP HA Prepare Pacemaker - (STONITH) Assemble the resources from custom definition"
when:
- sap_ha_pacemaker_cluster_stonith_custom is defined
ansible.builtin.set_fact:
Expand All @@ -144,7 +146,7 @@


# The STONITH resource is an element in the cluster_resource_primitives list
- name: "SAP HA Prepare Pacemaker - Construct stonith resources definition"
- name: "SAP HA Prepare Pacemaker - (STONITH) Construct resources definition"
when:
- __sap_ha_pacemaker_cluster_stonith_resource is defined
ansible.builtin.set_fact:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Reminder: This file is included in a loop over a dictionary.

# VIP resource definition itself
- name: "SAP HA Prepare Pacemaker - Add resource: VIP {{ vip_list_item.key }}"
- name: "SAP HA Prepare Pacemaker - Add resource: VIP {{ vip_list_item.key }} ({{ sap_ha_pacemaker_cluster_vip_resource_agent }})"
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_resource_primitives: "{{ __sap_ha_pacemaker_cluster_resource_primitives + [__resource_vip] }}"
vars:
Expand All @@ -17,3 +17,4 @@
value: "{{ sap_ha_pacemaker_cluster_vip_client_interface }}"
when:
- __sap_ha_pacemaker_cluster_vip_resource_id not in (__sap_ha_pacemaker_cluster_resource_primitives | map(attribute='id'))
- '"IPaddr2" in sap_ha_pacemaker_cluster_vip_resource_agent'
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
---
# If there are "ha_cluster" Linux System Role parameters already defined in the
# inventory, we will include these custom specifications and they take precedence.

# Only parameters which need to be adjusted or enhanced by the SAP HA role
# need to be included here.


### Take the following template to add additional parameters to be inherited:
# - name: "SAP HA Prepare Pacemaker - Register ha_cluster_"
# ansible.builtin.set_fact:
# __sap_ha_pacemaker_cluster_: "{{ ha_cluster_ }}"
# when: ha_cluster_ is defined


# ha_cluster
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster'"
when: ha_cluster is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_ha_cluster: "{{ ha_cluster }}"

# ha_cluster_cluster_name
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_cluster_name'"
when: ha_cluster_cluster_name is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_cluster_name: "{{ ha_cluster_cluster_name }}"

# ha_cluster_cluster_properties
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_cluster_properties'"
when: ha_cluster_cluster_properties is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_cluster_properties: "{{ ha_cluster_cluster_properties }}"

#__sap_ha_pacemaker_cluster_resource_groups ha_cluster_constraints_colocation
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_colocation'"
when: ha_cluster_constraints_colocation is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_constraints_colocation: "{{ ha_cluster_constraints_colocation }}"

# ha_cluster_constraints_location
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_location'"
when: ha_cluster_constraints_location is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_constraints_location: "{{ ha_cluster_constraints_location }}"

# ha_cluster_constraints_order
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_constraints_order'"
when: ha_cluster_constraints_order is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_constraints_order: "{{ ha_cluster_constraints_order }}"

# ha_cluster_extra_packages
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_extra_packages'"
when: ha_cluster_extra_packages is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_extra_packages: "{{ ha_cluster_extra_packages }}"

# ha_cluster_fence_agent_packages
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_fence_agent_packages'"
when: ha_cluster_fence_agent_packages is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_fence_agent_packages: "{{ ha_cluster_fence_agent_packages }}"

# ha_cluster_hacluster_password
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_repos'"
when: ha_cluster_hacluster_password is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_hacluster_password: "{{ ha_cluster_hacluster_password }}"
no_log: true # handle credentials with care

# ha_cluster_repos
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_repos'"
when: ha_cluster_repos is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_repos: "{{ ha_cluster_repos }}"

# ha_cluster_resource_clones
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_clones'"
when: ha_cluster_resource_clones is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_resource_clones: "{{ ha_cluster_resource_clones }}"

# ha_cluster_resource_groups
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_groups'"
when: ha_cluster_resource_groups is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_resource_groups: "{{ ha_cluster_resource_groups }}"

# ha_cluster_resource_primitives
- name: "SAP HA Prepare Pacemaker - (ha_cluster) Register parameter 'ha_cluster_resource_primitives'"
when: ha_cluster_resource_primitives is defined
ansible.builtin.set_fact:
__sap_ha_pacemaker_cluster_resource_primitives: "{{ ha_cluster_resource_primitives }}"
no_log: true # be paranoid, there could be credentials in it
Loading
Loading